/*
 * Copyright (c) 2018. Beyondsoft Corporation.
 * All Rights Reserved.
 *
 * BEYONDSOFT CONFIDENTIALITY
 *
 * The information in this file is confidential and privileged from Beyondsoft Corporation,
 * which is intended only for use solely by Beyondsoft Corporation.
 * Disclosure, copying, distribution, or use of the contents of this file by persons other than Beyondsoft Corporation
 * is strictly prohibited and may violate applicable laws.
 */

package com.luci.security;

import com.luci.security.support.IAuth;
import java.util.Collection;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;

/**
 * 加载权限与资源的对应关系
 *
 * @author jeff
 */
@Slf4j
public class CustomSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {

    private IAuth iAuth;

    public CustomSecurityMetadataSource(IAuth iAuth) {
        this.iAuth = iAuth;
    }

    /**
     * 所有的资源权限
     */
    @Override
    public Collection<ConfigAttribute> getAllConfigAttributes() {

        return null;
    }

    /**
     * 请求资源所需要的权限
     *
     */
    @Override
    public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
        return iAuth.getRolesByUrl((FilterInvocation) object);
    }

    @Override
    public boolean supports(Class<?> arg0) {
        return true;
    }

}
